Distributed Services Switch
October 21, 2021
introduced the industry's first Distributed Services Switch enabling enterprises
to deploy software-defined stateful services where data is created and
processed, eliminating legacy appliances and host software needed to build the
hybrid clouds demanded by modern applications and IT organizations.
“Markets in transition create new opportunities for disruption. As the Cloud
moves to the Edge, distributed services are disrupting everything from AI/ML, to
5G and virtualization,” said John Chambers, chairman of Pensando, CEO of JC2
Ventures, and former CEO of Cisco Systems. “This new category – the Distributed
Services Switch, enabled by Pensando software-in-silicon, makes the process of
deploying distributed services, previously only available to hyperscalers like
AWS, in the enterprise both simple and more cost-effective. By eliminating
legacy appliances and host software, enterprises can deliver 100x the scale and
10x the performance at 1/3 the TCO of traditional approaches.”
The Aruba CX 10000 Series Switch represents a new category of data center
switches that combines best-of-breed Aruba data center L2/3 switching with the
industry's only, fully programmable DPU (Pensando Elba) to deliver stateful
software-defined services inline, at scale, with wire-rate performance and
orders of magnitude scale and performance improvements over traditional data
center L2/3 switches at a fraction of their TCO.
”Aruba and Pensando have enabled the industry’s first distributed services
architecture that allows enterprises to create and operate network
infrastructures that perform and scale just like the hyperscale infrastructure
giants,” said Alan Weckel, founder and technology analyst at 650 Group. “We
believe this is an emerging industry category, distinguished from all others,
that will grow over time. New and emerging workloads like AI/ML will drive the
ecosystem towards comparable solutions based on innovative, distributed services
Rethinking Today’s Network Services Model
While data center networking has evolved over the past decade providing higher
performing 25/100/400G leaf-spine topologies to address the volume and velocity
of emerging application architectures, security and services architectures have
With the explosive growth of east-west traffic in the data center, centralized
security appliances are proving inefficient, expensive and difficult to manage.
Simply put, hair-pinning traffic to an appliance sitting at the data center edge
introduces heavy performance, cost and operational penalties.
This problem is further exacerbated by microservices-based applications, where
traffic may not even need to leave a physical host to go from one service to
another. This means some application traffic may never be inspected by a
hardware firewall, IPS, or other security devices, leaving enterprises
vulnerable to attack from within the enterprise itself.
Moving to a New, Distributed Services Architecture
The Aruba CX 10000 Series Switch with Pensando provides an entirely new class of
switching solution to overcome the limitations of legacy architectures. The
Aruba CX 10000 will allow operators to extend industry standard leaf-spine
networking with distributed stateful segmentation, east-west firewalling, NAT,
encryption, and telemetry services – all delivered inline, all the time, on
every access port, closer to where critical enterprise applications run.
The solution delivers a unique blend of performance, scale and automation for
distributing advanced networking and security services where it is impractical
and costly to force traffic back and forth across the network to a centralized
policy enforcement point. Instead, enterprises can now simply apply these
services at the network access layer edge where the applications are running.
Key initial use cases include:
On-premises Enterprise Data Centers and Private Cloud
Traditional data center architectures with centralized, hardware-based security
appliances are being pushed to their breaking point – imposing performance,
agility, and cost burdens that are not sustainable. The Aruba CX 10000 delivers
a compelling architecture to distribute advanced services to the data center
edge with unified network and security automation and policy management. This
new solution optimizes network bandwidth and performance by not having to
hair-pin local traffic to a centralized chokepoint, helping improve security
posture while limiting appliance sprawl, complexity and cost.
Co-location Edge – Securely Interconnecting Cloud Providers
The cost of encrypting access to the public cloud using traditional appliances
is exorbitant. Many customers have a compliance mandate to encrypt all access to
public cloud resources. The Aruba CX 10000 provides edge routing, line-rate
encryption, firewall and NAT, with end-to-end telemetry for public cloud
dedicated connections from either on-premises or co-location data centers. This
solution radically lowers the total cost of ownership, provides an optimized
security architecture and reduces an organization’s IT blast radius and risk.
Aruba ESP (Edge Services Platform) was designed to unify, automate
and secure all network edge services across domains including remote, branch,
campus and data center. The Aruba CX 10000 helps customers expand a Zero Trust
Network Architecture deeper into the data center, to the network-server edge,
delivering 800G E-W Stateful Services across every switch port, dramatically
scaling and strengthening the security of critical applications and workloads.
“We are excited that Aruba has brought the Distributed Services approach to the
next level by elevating it from the server to the Top-of-Rack networking layer,”
said John Galatea, vice president of Sales at Dasher Technologies, an Aruba
Platinum Partner. “We believe our clients will benefit from the enhanced
granular security and visibility provided by the Aruba CX 10000 while optimizing
network and infrastructure resources. This architecture allows our clients to
overcome the limitations of legacy solutions by moving security closer to where
applications and workloads are being processed.”
Extending the HPE/Pensando Relationship
new solution complements the previously announced Pensando Distributed Services
Platform (DSP) for HPE Servers, delivered as a factory option in HPE ProLiant
servers, HPE Apollo systems, and HPE Edgeline Converged Edge systems.
The Aruba CX 10000 extends the implementation of these intelligent services into
the data center network fabric, addressing a wider range of use cases including
brownfield deployments or infrastructure agnostic/heterogeneous environments to
complement or augment SmartNIC deployments.
“Today’s announcement further extends the partnership between HPE and Pensando –
by incorporating Distributed Services from Pensando into the industry-leading
Aruba switching platform, the elimination of legacy technologies needed to build
a zero-trust private cloud has never been easier or more cost-effective,” said
Prem Jain, CEO at Pensando Systems. “I look forward to continuing our
relationship and to bringing additional solutions to market.”
As part of the joint relationship, Pensando also gains access to HPE’s vast
patent portfolio through its Defensive Patent Purchase Program.
Pricing and Availability
The Aruba CX 10000 will be generally available in January 2022 with pricing
starting at $45,000 USD which will include accelerated Stateful Firewall, Zero
Trust Segmentation, ERSPAN, Telemetry, and DDoS protection.